xt_pknock: replace obsolete function get_seconds

get_seconds is removed in 5.11; its replacement ktime_get_real_seconds is available since 3.19. The timestamps should not be affected by clock resets, so will be switched to ktime_get_seconds.
2025-12-07 00:23:53 +01:00 · 2021-02-05 20:14:55 +01:00
parent 43df040e05
commit 4ee209416f
1 changed files with 10 additions and 10 deletions
--- a/extensions/pknock/xt_pknock.c
+++ b/extensions/pknock/xt_pknock.c
@@ -247,12 +247,11 @@ pknock_seq_show(struct seq_file *s, void *v)
 			seq_printf(s, "expir_time=%lu [secs] ", time);
 		}
 		if (peer->status == ST_ALLOWED && rule->autoclose_time != 0) {
 			unsigned long x = ktime_get_seconds();
 			unsigned long y = peer->login_sec + rule->autoclose_time * 60;
 			time = 0;
-			if (time_before(get_seconds(), peer->login_sec +
+			if (time_before(x, y))
-			    rule->autoclose_time * 60))
+				time = y - x;
 				time = peer->login_sec +
 				       rule->autoclose_time * 60 -
 				       get_seconds();
 			seq_printf(s, "autoclose_time=%lu [secs] ", time);
 		}
 		seq_printf(s, "\n");
@@ -312,8 +311,9 @@ static void update_rule_gc_timer(struct xt_pknock_rule *rule)
 static inline bool
 autoclose_time_passed(const struct peer *peer, unsigned int autoclose_time)
 {
-	return peer != NULL && autoclose_time != 0 && time_after(get_seconds(),
+	unsigned long x = ktime_get_seconds();
-	       peer->login_sec + autoclose_time * 60);
+	unsigned long y = peer->login_sec + autoclose_time * 60;
 	return peer != NULL && autoclose_time != 0 && time_after(x, y);
 }
 /**
@@ -335,7 +335,7 @@ is_interknock_time_exceeded(const struct peer *peer, unsigned int max_time)
 static inline bool
 has_logged_during_this_minute(const struct peer *peer)
 {
-	return peer != NULL && peer->login_sec / 60 == get_seconds() / 60;
+	return peer != NULL && peer->login_sec / 60 == ktime_get_seconds() / 60;
 }
 /**
@@ -727,7 +727,7 @@ has_secret(const unsigned char *secret, unsigned int secret_len, uint32_t ipsrc,
 	hexresult = kzalloc(hexa_size, GFP_ATOMIC);
 	if (hexresult == NULL)
 		return false;
-	epoch_min = get_seconds() / 60;
+	epoch_min = ktime_get_seconds() / 60;
 	ret = crypto_shash_setkey(crypto.tfm, secret, secret_len);
 	if (ret != 0) {
@@ -826,7 +826,7 @@ update_peer(struct peer *peer, const struct xt_pknock_mtinfo *info,
 	if (is_last_knock(peer, info)) {
 		peer->status = ST_ALLOWED;
 		pk_debug("ALLOWED", peer);
-		peer->login_sec = get_seconds();
+		peer->login_sec = ktime_get_seconds();
 		if (nl_multicast_group > 0)
 			msg_to_userspace_nl(info, peer, nl_multicast_group);
 		return true;